Summer High School 2009 Aaron Bertram 8. Primitive Elements and Quadratic Reciprocity (Part I). Fermat’s Little Theorem tells us that for all nonzero remainders m, mp−1 ≡ 1 mod p. Thus every number from 1 to p − 1 is a root of xp−1 − 1 mod p, so xp−1 − 1 ≡ (x − 1)(x − 2)(x − 3) · · · (x − (p − 1)) mod p and since the constant term on the right is (−1)p−1 (p − 1)!, we get Wilson’s Theorem: If p is any prime, then: (p − 1)! ≡ −1 mod p (when p is odd, p − 1 is even whereas mod 2 we have −1 ≡ +1). Question: What is (n − 1)! mod n when n is composite? Definition 8.1. The order of any nonzero m mod p is the smallest positive value of d such that: md ≡ 1 mod p The order is, of course, always ≤ p − 1, but in fact it divides p − 1. That’s because of Euclid’s Algorithm. Suppose mk ≡ 1 mod p, and let d = GCD(k, p − 1). Then we can solve d = ak + b(p − 1), and: md ≡ mak+b(p−1) ≡ mak mb(p−1) ≡ (mk )a (mp−1 )b ≡ 1 mod p giving us a smaller power of m that divides p − 1. Definition 8.2. m mod p is primitive if its order is exactly p − 1. In this case, the powers of m: m, m2 , m3 , m4 , . . . , mp−2 , mp−1 ≡ 1 mod p are all the remainders mod p (in some other order) because if ma ≡ mb for some a < b ≤ p − 1, then mb−a ≡ 1, which isn’t allowed. For example, mod 11: m ≡ 2, m2 ≡ 4, m3 ≡ 8, m4 ≡ 5, m5 ≡ 10 m6 ≡ 9, m7 ≡ 7, m8 ≡ 3, m9 ≡ 6, m10 ≡ 1 and notice that m5 ≡ 10 ≡ −1 mod 11. Lemma 8.3 For each d that divides p − 1, there are φ(d) remainders of order d. In particular, there are φ(p − 1) primitive remainders. 1 2 Proof: If m has order d, then the roots of xd − 1 are exactly the remainders m, m2 , m3 , . . . , md−1 , md ≡ 1. Consider mk for some k < d. If GCD(k, d) = e 6= 1, then (mk )(d/e) = (m(k/e) )d ≡ 1 has smaller order. Thus the only possible remainders of order d are the powers of m that are relatively prime to d. Thus there are at most φ(d) remainders of order d for each d that divides p − 1. On the other hand, if you add all of the values of the φ function for divisors of p − 1 together: X φ(d) = p − 1 d|p−1 so there must be exactly φ(d) remainders of each order d, otherwise we wouldn’t be able to account for all the numbers from 1 to p − 1. Examples: Mod 11, we consider the divisors of 10 = 11 − 1: φ(1) + φ(2) + φ(5) + φ(10) = 1 + 1 + 4 + 4 = 10 and the corresponding remainders are: 1 (order 1), 10 (order 2), 4, 5, 9, 3 (order 5), 2, 8, 7, 6 (order 10) P Food for thought: Why is it that d|n φ(n) = n for all n? We next consider: “What are the perfect squares mod p?” For starters, 1 is obviously always a square, with square roots 1, −1 (which are different from each other as long as p is an odd prime). The next easiest case is m = −1: Proposition 8.4. Let p be an odd prime, so p ≡ 1 or p ≡ 3 mod 4. (a) −1 is not a square mod p if p ≡ 3 mod 4. (b) −1 is a square mod p if p ≡ 1 mod 4. Moreover, in that case: p−1 p−1 p−1 ! = 1 · 2 · 3··· , and − ! 2 2 2 are the two square roots of −1 modulo p. Proof: Suppose m is a primitive remainder mod p. Remember that: m, m2 , m3 , . . . , mp−1 ≡ 1 mod p runs through all the remainders modulo p. Since each square mod p has two different square roots (r and −r), it follows that exactly half of the remainders mod p are squares. But: m2 , (m2 )2 ≡ m4 , (m3 )2 ≡ m6 , . . . , (m p−1 2 )2 ≡ mp−1 are all different, and all perfect squares, so they must be all of them! 3 p−1 p−1 Notice that (m 2 )2 ≡ 1, and m 2 6≡ 1 mod p, so it must be −1. If p−1 2 p ≡ 3 mod 4, then p−1 is odd, so m is NOT a square, and if p ≡ 1 2 p−1 mod 4, then 2 is even, so it is a perfect square, and mod if p ≡ 1p−1 4, p−1 p−1 then p − 1 ≡ −1, p − 2 ≡ −2, . . . , p − 2 = 2 + 1 ≡ − 2 , so by Wilson’s Theorem: 2 p−1 p−1 p − 1 p − 1 −1 ≡ (p−1)! ≡ !·(−1)( 2 ) !≡ ! mod p 2 2 2 Examples: The first primes ≡ 1 mod 4 are: 5, 13, 17 and 29. (a) (mod 5) 2! = 2, and 22 ≡ −1 mod 5. (b) (mod 13) 6! = 720 ≡ 5 mod 13, and 52 = 25 ≡ −1 mod 13. (c) (mod 17) 8! = 40320 ≡ 13 mod 17, and 132 = 169 ≡ −1 mod 17. (d) (mod 29) 14! ≡ 12 mod 29, and 122 = 144 ≡ −1 mod 29. Remark: The nice thing about this Proposition is that it tells us whether or not −1 is a perfect square without requiring us to find the square root. It just so happens that the square root is given by p−1 !, but this is actually quite hard to calculate when p is large. 2 Quadratic Reciprocity will similarly tell us whether any remainder mod p is a perfect square or not, with a minimal amount of checking of congruences mod 4 (and mod 8). We will follow one of Gauss’ many proofs of this, which proceeds in stages. Lemma 8.5 (Stage 1): Let a mod p be nonzero. Then: p−1 a( 2 ) ≡ 1 or − 1 mod p and a is a square if it is 1, and not a square if it is −1. Proof: Let m be some primitive mod p, and choose k so that a ≡ mk . p−1 • If k = 2l is even, then a is a square and a( 2 ) ≡ m(p−1)l ≡ 1 mod p. • If k = 2l + 1 is odd, then a is not a square, and p−1 p−1 a( 2 ) ≡ m(p−1)l+( 2 ) ≡ −1 mod p. Example: mod 11: 15 ≡ 1 mod 11. Perfect square (duh!). 25 = 32 ≡ −1 mod 11. Not a perfect square. 35 = 243 ≡ 1 mod 11. Perfect square. 45 = 1024 ≡ 1 mod 11. Perfect square (duh!). 55 = 3125 ≡ 1 mod 11. Perfect square. 4 65 ≡ (−5)5 ≡ −1 mod 11. Not a perfect square. 75 ≡ (−4)5 ≡ −1 mod 11. Not a perfect square. 85 ≡ (−3)5 ≡ −1 mod 11. Not a perfect square. 95 ≡ (−2)5 ≡ 1 mod 11. Perfect square (duh!). 105 ≡ (−1)5 ≡ −1 mod 11. Not a perfect square. This is somewhat nice, but it involves too many calculations. It is, however, the key ingredient in a further extremely clever Lemma due to Gauss. For this, we consider the first half of the multiples of a: p−1 a a, 2a, 3a, 4a, . . . , 2 p−1 and we choose remainders that lie between − p−1 and mod p 2 2 (rather than the usual remainders between 1 and p − 1). Let n be the number of negative remainders. Gauss’ Lemma 8.6 (Stage 2): Let a be nonzero mod p, and let n be defined as above. Then: • a is a square mod p if n is even, and: • a is not a square mod p if n is odd. Proof: Since 2)a, −a ≡ (p − 1)a, −2a ≡ (p −p−1 . . . it follows that when p−1 p−1 a, 2a, . . . , 2 a are brought between − 2 and 2 mod p, then at most one of each of the following pairs arises: p−1 p−1 1 or − 1, 2 or − 2, 3 or − 3, . . . , or − 2 2 p−1 but since there are exactly 2 of these, it follows that one of each pair does arise. Multiply all the remainders together: p−1 p−1 (a)(2a)(3a) · · · a ≡ (±1)(±2)(±3) · · · ± mod p 2 2 and exactly n of the “±”s on the right side is a “−.” As in the proof ! from both sides to get: of Euler’s formula, we can now cancel p−1 2 a( p−1 2 ) ≡ (−1)n mod p which, together with Stage 1, proves Stage 2. Example: (a) Check that 2 is not a square mod 11. 2, 4, 6, 8, 10 become 2, 4, −5, −3, −1 so n = 3 is odd, and 2 is not a square. 5 (b) Check that 3 is a square mod 11. 3, 6, 9, 12, 15 become 3, −5, −2, 1, 4 so n = 2 is even, and 3 is a square. We can generalize Example (a) in a big way to get the following: Proposition 8.7. If p is an odd prime, p ≡ 1, 3, 5 or 7 mod 8, and: (a) 2 is a square mod p if p ≡ 1 or 7 mod 8, and (b) 2 is not a square mod p if p ≡ 3 or 5 mod 8. Proof: As in Example (a), consider: p−1 2, 4, 6, 8, · · · , p − 1 = 2 2 and rememberthat n is the number of these that are larger than p−1 2 minus the number that are less than or equal to p−1 ). (which is p−1 2 2 • If p = 8l + 1, then n = 4l − 2l = 2l is even. • If p = 8l + 3, then n = (4l + 1) − 2l = 2l + 1 is odd. • If p = 8l + 5, then n = (4l + 2) − (2l + 1) = (2l + 1) is odd. • If p = 8l + 7, then n = (4l + 3) − (2l + 1) = (2l + 2) is even. Examples: (a) 2 is not a square mod 3. (b) 2 is not a square mod 5. (c) 2 ≡ 32 mod 7. (d) 2 is not a square mod 11 (and 11 ≡ 3 mod 8). (e) 2 is not a square mod 13 (and 13 ≡ 5 mod 8). (f) 2 ≡ 62 mod 17 (and 17 ≡ 1 mod 8). (g) 2 is not a square mod 19 (and 19 ≡ 3 mod 8). (h) 2 ≡ 52 mod 23 (and 23 ≡ 7 mod 8). Again, notice that the Proposition tells us whether 2 is a perfect square or not mod p simply by testing p mod 8.